There are some pom-ng patches that I like to use which are only in pom-ng eg TARPIT.  how hard is it to patch the iptables code in the experimental build tree ?

is it just a case of having the patches available and then apply them during the build ( I haven't worked throught the makefiles yet)

Alex

kernel patches can be put into packages/linux/kernel-patches
and will be automatically applied.

If you need to activate a configuration option for the kernel. Go into build_mipsel/linux after you have newly extracted and patched the source.
and make menuconfig, choose the options you like, and exit.
cp .config package/linux/linux.config

in short:
cd openwrt
cp your-patch package/linux/kernel-patches/477-my-patch
TOPDIR=`pwd` make -C package/linux clean compile
cd build_mipsel/linux
make menuconfig
cp .config ../../package/linux/linux.config
cd ../..
make dirclean
make

That is the way I would do it.

Also,

If you need to apply patches to the iptables userspace binary, then you will want to put them in the lddir]/package/iptables-* folder before you clean/compile.

Ben

Has any one tried this, the only problem I see is that the pom-ng pacthes are wrapped up in a perl script that decides which patch to apply etc etc, not just straight patch files.

But it has given me a place to start

When I integrate patches, I do it like this:

TOPDIR=`pwd` make -C package/linux clean prepare

Then I make a copy of this directory to make a diff against and integrate the pom-ng patch i want to apply.
Then I generate the diff for package/linux/kernel-patches and compile the kernel again.